Configuring Swat Revisited
Andrew Bartlett
abartlet at pcug.org.au
Tue Mar 6 06:14:23 GMT 2001
Edmond Cheng wrote:
>
> Still I can't get SWAT working.
>
> I change the httpd.conf in your mail. This time the Netscape returns error
> message, "A network error occurred while Netscape was receiving data.
> (Network error: Broken pipe) Try connecting again"
>
> Regards,
> Edmond
Probably becouse SWAT does NOT use apache. SWAT cannot run under
apache. Why? A properly configured apache installation runs as user
nobody (or equiv), SWAT must run as ROOT, as it needs to read/write
/etc/smb.conf, /etc/smbpasswd and to validate your identity in
/etc/shadow.
SWAT uses its own internal web-server, basicly pumping raw HTTP at a
port (not that hard actualy). It does this becouse it needs to run as
root, and no sane sysadmin runs web-servers as root. (The other option,
making it set-uid root, is unappealing becouse of the security
implications).
SWAT can be enabled in /etc/inetd.conf or /etc/xinetd.d/swat, and can
use SSL for added privacy. See other e-mails in this thread for
configuration examples. I recomend only allowing acces from localhost.
Hope this clarifies things,
Andrew Bartlett
--
Andrew Bartlett
abartlet at pcug.org.au
More information about the samba
mailing list